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REMARKS 

The foregoing amendment amends Claims 1, 2, 3, 5, 7, 8, 9, 1 1, 13, 19, 26, 27, 28, 29, 
31, 33 and 40, and cancels Claims 4, 6, 10, 12, 16, 18, 22, 24, 25, 30, 32, 36, 38 and 39 without 
prejudice to pursuit of the same or similar claims in this application or a continuation 
application. Now in the application are 1, 2, 3, 5, 7-9, 1 1, 13, 14, 15, 17, 19, 20, 21, 23, 26, 27, 
28, 29, 31, 33, 34, 35, 37 and 40 of which Claims 1, 13, 26, 27, 33 and 40 are independent. No 
new matter has been added. 

Claim Amendments 

The claims have been amended to clarify that the invention deals with controlling usage 
of a network based on the identity of an authenticated individual user. Hence the pending claims 
are concerned with an authenticated individual user as recognized by the Examiner in the 
Advisory Action of October 23, 2006. The claims have also been amended to recite storing or 
means for storing the created packet rules, service abstractions, and role abstractions. 

Claim Rejections Under 35 U.S.C. S 102 

Claims 1-3, and 5 are rejected under 35 U.S.C. § 102(e) as being anticipated by 
2003/0021283 to See et al. (hereinafter "See"). Applicants respectfully disagree. 

Amended claim 1 is independent and claims 2, 3, and 5 depend from claim 1. As claims 
2, 3, and 5 depend from amended claim 1, they incorporate each and every element of amended 
claim 1 . Claim 1 has been amended to clarify that the method is directed to controlling usage of 
a network based on the identity of an authenticated user and the service abstractions are 
associated with the authenticated user. Steps of storing the created packet rules and service 
abstractions were also added. Claims 2, 3, and 5 have been amended to agree with the 
amendment to claim 1 . 

See fails to disclose each and every element of claims 1-3 and 5, as amended. 
Specifically, See fails to disclose controlling usage of network resources based on the identity of 
an authenticated user wherein one or more of the service abstractions are associated with an 
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authenticated user of the communications network. This is not a concept disclosed in See. The 
ability to control use based on the identity of an authenticated user provides a level of flexibility 
not considered by See. See only considers managing based on the device or element. In 
contrast, the present invention controls based on a user regardless of device or element being 
used by the user. That is, the present invention allows the possibility of multiple users using a 
device or element. In See, the controlling of usage is based on the host computer. See does not 
consider the possibility that different users, having different privileges on the network, may be 
using the host computer. In See control is only based on the host computer and cannot be 
changed based on the user of the host computer. The present invention overcomes this 
limitation by controlling usage based on the identity of the user. Thus, it does not matter what 
device the user uses to access the network because control is based on the user not the device. 
As such, See fails to disclose each and every element of claims 1-3 and 5, as amended. 

In view of the above amendments and arguments, Applicants respectfully request that the 
rejection to claims 1-3, and 5 under 35 U.S.C. 102(e) be removed and the claims passed to 
allowance. 

Claim Rejections Under 35 U.S.C. S 103 

Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over See in view of 
Nessett (5,968,176). Claims 7-9, 11-12, 27-29 and 31-32 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over See in view of Azarmi (5,905,715). Claims 10 and 30 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over See in view of Azarmi and further in view of 
Nessett. Claims 13-18 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
See in view of Nessett. Claims 19-24 and 33-40 are rejected under 35 U.S.C. 103(a) as being 
unpatentable oversee in view of Nessett and further in view of Azarmi. Claim 26 is rejected 
under 35 U.S.C. 103(a) as being patentable over See. 

Claim 4 

The forgoing amendment cancels claim 4 without prejudice. Accordingly, Applicants 
consider the rejection of claim 4 moot. For at least this reason, Applicants request the Examiner 
to withdraw the rejection of claim 4 under 35 U.S.C. 103(a). 
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Claims 7-9 and 11-12 

The forgoing amendment cancels claim 12 without prejudice. Accordingly, Applicants 
consider the rejection of claim 12 moot. For at least this reason, Applicants request the 
Examiner to withdraw the rejection of claim 12 under 35 U.S.C. 103(a). 

The combination of See with Azarmi fails to teach or suggest each and every element of 
claims 7-9 and 11. Claims 7-9 and 1 1 depend indirectly from amended claim 1 and as such 
incorporate each and every element of amended claim 1 . 

For the same reasons as set forth above in regard to the 35 U.S.C. 102 rejection, See fails 
to disclose, teach or suggest every element of claims 7-9 and 1 1 . Specifically, See fails to 
disclose, teach or suggest controlling usage of network resources based on the identity of an 
authenticated user wherein one or more of the service abstractions are associated with an 
authenticated user of the communications network. 

As discussed above the present invention controls usage of the network resource based 
on the user of the network. This is not a concept disclosed in See. The ability to control use 
based on the user provides a level of flexibility not considered by See. See only considers 
managing based on the device or element. In contrast, the present invention controls based on a 
user regardless of device or element being used by the user. See discloses associating policies 
with a device. See does not disclose associating a service abstraction with an authenticated user 
who could be operating any number of possible devices. The addition of Azarmi fails to cure 
this deficiency. Azarmi is concerned with the provision of flexible bandwidth service (FBS) 
provided by means of Asynchronous Transfer Mode (ATM) network technology. That is, the 
customer specifies bandwidth requirements on a point-to-point basis, interfaces and time of day 
requirements and the network operator provides and manages the equipment and capacity 
necessary to meet those requirements. As such, the combination See with Azarmi fails to teach 
or suggest each and every element of claims 7-9 and 1 1 . 
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In view of the above arguments, Applicants submit that the subject matter of claims 7-9 
and 1 1 is not obvious and respectfully request that the rejection to the claims under 35 U.S.C. 
103 be removed and the claims passed to allowance. 

Claims 27-29 and 31-32 

Of these claims, claim 27 is independent. Claims 28, 29 and 3 1 depend from amended 
claim 27 and as such incorporate each and every element of amended claim 27. 

Claim 32 has been cancelled and therefore Applicants consider the rejection of claim 32 

moot. 

The combination of See with Azarmi fails to teach or suggest each and every element of 
claims 27-29 and 3 1 , as amended. Specifically, the combination of See and Azarmi fails to 
teach or suggest controlling usage of network resources based on the identity of an authenticated 
user wherein one or more of the service abstractions are associated with an authenticated user of 
the communications network. 

The present invention, as set forth in amended claims 27-29 and 3 1 is directed to 
controlling use of network resources based on the user of the communication networks. In the 
specific case of amended claims 27-29 and 3 1 there is a focus on the role of the user in the 
communication network. That is the role of the user affects the use of the communication 
network the user is granted. For example, if the communication network was a university 
network, the role of a user may be as an undergraduate student, a graduate student, a professor, 
staff, or a system administrator. Each of these roles may be provided with a different level of 
usage on the network. As such the role of the user is represented by a role abstraction including 
a set of one or more packet rules. This is a concept that is not suggested or taught in either See 
or Azarmi. As such, the combination See with Azarmi fails to teach or suggest each and every 
element of amended claims 27-29 and 3 1 . 

In view of the above arguments, Applicants submit that the subject matter of amended 
claims 27-29 and 3 1 is not obvious and respectfully request that the rejection to the claims under 
35 U.S.C. 103 be removed and the claims passed to allowance. 
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Claims 10 and 30 

The forgoing amendment cancels claims 10 and 30 without prejudice. Accordingly, 
Applicants consider the rejection of claims 10 and 30 moot. For at least this reason, Applicants 
request the Examiner to withdraw the rejection of claims 10 and 30 under 35 U.S.C. 103(a). 

Claims 13-18 and 25 

The forgoing amendment cancels claims 16, 18 and 25 without prejudice. Accordingly, 
Applicants consider the rejection of claims 16, 18 and 25 moot. For at least this reason, 
Applicants request the Examiner to withdraw the rejection of claims 16, 18 and 25 under 35 
U.S.C. 103(a). 

Claim 13 is independent. Claims 14, 15 and 17 depend from claim 13. Claim 13 has 
been amended to clarify that usage of the network is controlled based on the identity of an 
authenticated user and the one or more service abstractions are associated with an authenticated 
user. As claims 14, 15 and 17 depend from amended claim 13, they incorporate each and every 
element of amended claim 13. 

The combination of See and Nessett fails to teach or suggest each and every element of 
claims 13-15 and 17, as amended. Specifically, See and Nessett fail to teach or suggest creating 
one or more service abstractions wherein the one or more service abstractions are associated 
with an autheticated user of the communication network. 

As discussed above, the present invention controls usage of the network resource based 
on the user of the network system. This is not a concept disclosed in See. The ability to control 
use based on the user provides a level of flexibility not considered by See. See only considers 
managing based on the device or element. In contrast, the present invention controls based on a 
user regardless of device or element being used by the user. See discloses associating policies 
with a device. See does not disclose associating a service abstraction with an authenticated user 
who could be operating any number of possible devices. The addition of Nessett fails to cure 
this deficiency. Nessett is cited for teaching a security policy management back end (32) and a 
security policy language interpreter (34). The security policy management back end (32) 
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decides how to partition the security policy statements into sets of configuration data enforceable 
at specific nodes, and transforms the rules of the security policy statements into node specific 
configuration data enforceable at the chosen nodes. The interpreter (34) interprets a script in a 
security policy language to provide security policy statements. Nessett does not teach or suggest 
a rule editing module to create one or more packet rules. As such, the combination See with 
Nessett fails to teach or suggest each and every element of amended claims 13-15 and 17. 

In view of the above amendments and arguments, Applicants submit that the subject 
matter of claims 13-15 and 17 is not obvious and respectfully request that the rejection to the 
claims under 35 U.S.C. 103 be removed and the claim passed to allowance. 

Claims 19-24 

The forgoing amendment cancels claims 22 and 24 without prejudice. Accordingly, 
Applicants consider the rejection of claims 22 and 24 moot. For at least this reason, Applicants 
request the Examiner to withdraw the rejection of claims 22 and 24 under 35 U.S.C. 103(a). 

The combination of See with Nessett and Azarmi fails to teach or suggest each and every 
element of claims 19-21 and 23, as amended. Specifically the combination of references fails to 
teach or suggest controlling usage of network resources based on the identity of an authenticated 
user wherein one or more of the service abstractions are associated with an authenticated user of 
the communications network. 

Claims 19-21 and 23 depend from claim 13 and as such incorporate each and every 
element of claim 13. As discussed above in regard to amended claim 13, the combination of See 
and Nessett does not teach or suggest controlling usage of network resources based on the 
identity of an authenticated user wherein one or more of the service abstractions are associated 
with an authenticated user of the communications network. The addition of Azarmi does not 
cure this deficiency. Likewise, as set forth in regard to claim 7-9 above, the combination of See 
with Azarmi fails to teach or suggest role abstractions representing a role of a user with respect 
to the communication network. The addition of Nessett fails to cure this deficiency. As such the 
combination of See with Nessett and Azarmi fails to teach or suggest each and every element of 
claims 19-21 and 23. 
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In view of the above arguments, Applicants submit that the subject matter of claims 19- 
21 and 23 is not obvious and respectfully request that the rejection to the claims under 35 U.S.C. 
103 be removed and the claim passed to allowance. 

Claims 33-40 

The forgoing amendment cancels claims 36, 38 and 39 without prejudice. Accordingly, 
Applicants consider the rejection of claims 36, 38 and 39 moot. For at least this reason, 
Applicants request the Examiner to withdraw the rejection of claims 36, 38 and 39 under 35 
U.S.C. 103(a). 

Of these claims, claims 33 and 40 are independent. Claims 34, 35 and 37 depend from 
amended claim 33 and as such incorporate each and every element of amended claim 33. As 
discussed above, in regard to claims 27-29 and 3 1 , the combination of See with Azarmi fails to 
teach or suggest each and every element of claims 27-29 and 3 1 . Specifically, the combination 
of See and Azarmi fails to teach or suggest creating one or more role abstractions associated 
with an authenticated user wherein each role abstraction represents a role of an authenticated 
user with respect to the communication network. 

The present invention, as set forth in claims 33-35, 37 and 40 is directed to controlling 
use of network resources based on the user of the communication networks. In the specific case 
of claims 33-35, 37 and 40 there is a focus on the role of the user in the communication network. 
That is, the role of the user affects the use of the communication network the user is granted. 
For example, if the communication network was a university network, the role of a user may be 
as an undergraduate student, a graduate student, a professor, staff, or a system administrator. 
Each of these roles may be provided with a different level of usage on the network. As such the 
role of the user is represented by a role abstraction including a set of one or more packet rules. 
This is a concept that is not suggested or taught in either See or Azarmi. The addition of Nessett 
fails to cure this deficiency. As such, the combination See with Nessett and Azarmi fails to 
teach or suggest each and every element of claims 33-35,37 and 40, as amended. 
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In view of the above arguments, Applicants submit that the subject matter of claims 33- 
35, 37 and 40, as amended, is not obvious and respectfully request that the rejection to the claims 
under 35 U.S.C. 103 be removed and the claims passed to allowance. 

Claim 26 

See fails to disclose each and every element of amended claim 26. For the same reasons 
as set forth above in regard to the 35 U.S.C. 102 rejection, See fails to teach or suggest every 
element of amended claim 26. Specifically, See fails to teach or suggest controlling usage of 
network resources based on the identity of an authenticated user wherein one or more of the 
service abstractions are associated with an authenticated user of the communications network. 

As discussed above the present invention controls usage of the network resource based 
on the user of the network system. This is not a concept discussed in See. The ability to control 
use based on the user provides a level of flexibility not considered by See. See only considers 
managing based on the device or element. In contrast, the present invention controls based on a 
user regardless of device or element being used by the user. See discloses associating policies 
with a device. See does not disclose associating a service abstraction with a user who could be 
operating any number of possible devices. As such, the See fails to teach or suggest each and 
every element of amended claim 26. 

In view of the above amendments and arguments, Applicants submit that the subject 
matter of amended claim 26 is not obvious and respectfully request that the rejection to the claim 
under 35 U.S.C. 103 be removed and the claim passed to allowance. 
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CONCLUSION 

In view of the above amendment, applicant believes the pending application is in 
condition for allowance. 

Applicant believes no fee is due with this statement. However, if a fee is due, please 
charge our Deposit Account No. 12-0080, under Order No. ENB-012RCE from which the 
undersigned is authorized to draw. 



Dated: December 29, 2006 



Respectfully submitted, 

B y ^QAAcftVX^JLA^Q 
David R. Burns 
Registration No.: 46,590 
LAHIVE & COCKFIELD, LLP 
One Post Office Square 
Boston, Massachusetts 02109 
(617) 227-7400 
(617) 742-4214 (Fax) 
Attorney/Agent For Applicant 
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